SYMBOLCOMMON_NAMEaka. SYNONYMS
win.nugget_phantom (Back to overview)

NuggetPhantom


NSFOCUS describes PhantomNugget as a modularized malware toolkit, that was spread using EternalBlue. Payloads included a RAT and a XMRig miner.

References
2019-06-27Red CanaryCasey Smith, Michael Haag
Tracking driver inventory to unearth rootkits
NuggetPhantom
2018-10-08NSFOCUSNSFOCUS
NuggetPhantom Analysis Report
NuggetPhantom

There is no Yara-Signature yet.